Re: Root login in graphical enviroment
On Wed, 2002-07-31 at 23:01, Jamin W.Collins wrote:
> On 31 Jul 2002 22:45:00 +0800
> "Crispin Wellington" <crispin@aeonline.net> wrote:
>
> > Why is it a bad idea? Any compromise of ssh will give the user root
> > anyway because it runs at user level root.
>
> Ah, you appear to have missed the Privleged Seperation fiasco recently.
> There are ways now for sshd not to run as root.
Are there indeed? run
ps auxwww|grep sshd
and tell me what user level yours is running at.
How do go about running at another user level, I ask you?
clue_factor=0. Go read the Privilege Separation advisories again.
Tell me. sshd version OpenSSH_3.4p1 Debian 1:3.4p1-1.
/etc/ssh/sshd_config contains PermitRootLogin yes.
Can this sshd be compromised, or not?
Crispin
Reply to: